Identificação de IP

[clamego]

Caros colegas,

Tenho recebido e-mail com ofensas pessoais e gostaria de identificar o remetente. A pessoa criou um usuário falso no yahoo para enviar os emails.

Quando clico em cabeçalho completo, aparece a mensagem abaixo., Pergunto, com estas informações é possível identificar o ip da maquina que enviou?

Grande abraço e obrigado.


From Carlos Morais Mon Oct 24 09:16:47 2011
X-Apparently-To: (meu e-mail) via 76.13.9.35; Mon, 24 Oct 2011 09:16:48 -0700
Return-Path: <moraiscarlos69@yahoo.com.br>
Received-SPF: none (domain of yahoo.com.br does not designate permitted sender hosts)
YSBtb2NpbmhhID8gcnNyc3JzcnNyc3JzCkhvbWVtIHZlbGhvIH NlbXByZSB0
ZW0gZXNwZXJhbsOnYSBkZSBhcnJ1bWFyIGFsZ3XDqW0gbsOpPy BOw6NvIGRl
aXhhIG1vcnJlciBlc3NhIHN1YSB2b250YWRlIC4uLiBBbnRlcy BxdWUgc2Vq
YSB0YXJkZSBkZW1haXMuLi4gaXNzbyBtZXNtbyBsdXRhIGNvbS B0b2RhcyBh
cyBmb3LDp2FzIC4uLiBuZW0gcXVlIHNlamEgcHJhIGRpdmlkaX IBMAEBAQE-
X-YMailISG: k3OopWoWLDsTXoVTwjSbj9tq1cS0bWS5MfmRUbjh1Mv6_sai
qRAFVd3IgEN5ay0dHhkUh_8CDlOWtuNyNWp79q7jC1vRDtiSrx i9oB8ZPiyj
RXr6Qvl3az6ps_XKvtezunmSGOovWqCzHJ4jRPIyb7B6ixwIhi vklNEBvh.M
cNPJ3eDFvjnFl3dcT4roqeM3QW88yx1TLb85z8amw911Ex1RLd lDEupvzoGN
uBLHrKRJ.KYcmLmYBIbwx.D__4h7ZvMAr3R._92YAZ7z3IYHiX 1Q38r77I6q
GncscWxargeRQbX_5pUljNPobkfXn86F1REzckHl2vx67k95qU ShYlWDPEZe
gqx6DZRsD4xAejbzstn6pOEj8u6g.vnPl27SgWogVsMa7ytchS tIXzLCKKfM
1Nbv7oA_CKqnyf8YPNoSS4iagO3xkobwDVfIDWxN9GoGWDFm.T BZSQafQRI4
U_V7kN3oMZLhT0bZRcREgwWs2bFSP9Rxv5YgNIG7n3v461B7na TwaNx5t8GH
q.Zo52IDGRy3gLEMQKBKG8uJFUssQvJYKmAODJVH._eD3UEa8N fmlMhQLQIS
5mPjbrUud3UPQ72hTC8iLoYASadiTjIUMZJdMC0wH6Mlx.CboI iFezGkwLak
V_YNVmczfc5kDOvaz6DLZHRtH68AOcDH4dfjaRe9Ur451PxxuM NoUhEQb39T
FBhEIuECHS9C2.UQVYmJOiNv836OAN37BuhTJRWUkFIYZY2lIi 3wgKB95a._
_cnTM7o1SxlENUhVfdMU3azvhk3ag0p9vFv5FZYpVewtLD4mRh N43Nxns4wk
i30yzzjhSEio_Xd20acrgiBWl2KU4SXOyZ0BDc25o.5wipdjWn WKbHiwfufS
7eK_rqvry8oATzxF62XMWzYY.RPDuhg7IxvYr0oL2p5A.Wcy99 NTRgpS2PHc
WMn_qzisJnY_ZjFvDMvp80znb.fXkrRr9ZxiiHrEAu0dGXXuo_ VJSLUIINSL
zYMjec1FKZ7eIo_iums6Tt85EsI5BHDfVwiMcqoHsOzccjJd4T KvZcrWpUey
h.sYxzVeC6zz3xUWTLand.l9kk0qB6MFZtAbqb4x7etsTovJ6O QQtIUFd1ZI
DPVYblEp.w0WJZsNEisVPs98kBbAYcmTdvX2_aLUp_EfBF29Pd iJIoQJzows
uNgvomKGj2WJn4rfK2fAz_cNr_HWrEOojwd0m.HhB2Z3g1SgOT VHj.P_8qrE
nra6Tak-
X-Originating-IP: [98.138.91.177]
Authentication-Results: mta1406.mail.mud.yahoo.com from=yahoo.com.br; domainkeys=pass (ok); from=yahoo.com.br; dkim=pass (ok)
Received: from 127.0.0.1 (HELO nm17-vm4.bullet.mail.ne1.yahoo.com) (98.138.91.177)
by mta1406.mail.mud.yahoo.com with SMTP; Mon, 24 Oct 2011 09:16:48 -0700
Received: from [98.138.90.57] by nm17.bullet.mail.ne1.yahoo.com with NNFMP; 24 Oct 2011 16:16:47 -0000
Received: from [98.138.89.248] by tm10.bullet.mail.ne1.yahoo.com with NNFMP; 24 Oct 2011 16:16:47 -0000
Received: from [127.0.0.1] by omp1040.mail.ne1.yahoo.com with NNFMP; 24 Oct 2011 16:16:47 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 745652.28830.bm@omp1040.mail.ne1.yahoo.com
Received: (qmail 87524 invoked by uid 60001); 24 Oct 2011 16:16:47 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com.br; s=s1024; t=1319473007; bh=MZ1hKKJtvZQIN9OBOhtn7svkFlX6XZzvSX5SfuwIoEs=; h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:To:MIME-Version:Content-Type; b=fK6Fot4p0Kp4LjjItVUaAbHc1KmkT3otLpiespCalPA/QRQdgH/OUpoE3X3yTpOOgUP7MuvVhopBI6Pkl9hD9pANhPEa7oHKW43kD V0sOmlZh3nd7KrI8/TAx8ZsoyBhXOf9sqxpD/+a2euFvaiyKgvqHiyBG80DhBAs5cmwG2k=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com.br;
h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:To:MIME-Version:Content-Type;
b=O4FIynrOWtWkRnZX29tYnGpfqvzO/M3qPYDTdaMsap2Z5CajXLs2VAYI/vrDJ0pWXlmT68y7wNWh9+23snTedxmHsFkbzrfNNOKEu6+b5B9 YZGSbkuvpgv6nId45qHi1ogKYZsjRDpS0qi3p18Cb3c/OKOMYCNFwWM9FivcW5ro=;
X-YMail-OSG: RTlt0gMVM1mVzOBiLkTzuZXscAmH8AcnvtWMSPW53yw_c6P
35dfLlViEniGrnrssYG916BKLclDgWI57mKVwQUAYRyo_iMt4. th9p2ZN3I7
0KI78QtPWaubBWqGvWcwgPFSbPCa1AckQB25.vPaUOUBVruQgb 40q6Rchtsx
EFllwCjTkH5atVWs2sSy4TwKUd6gO1bdHkbKQ2YwNoWwsbWB_W F20c3t4lFB
6DYdnhPgzK3kUsN0daKEeSoYWycZHrzKTYFBAT.wLQUZx3jx_O OzQl84Qtqt
OntlAtpWcBwWwuOSRXGfyd2wKwsFBNZ4WNkDyuI1Ng6zKT_Y8I Z_4yjGe8Ep
KPw55WrCET6MAME5grNZjTOEmczPaR_8bXzk1TLJl7oYbjHZgp chfFva6YdW
SJtEE_JCC93Z16r0waZknLsaSM7ES29p2D61sii.YQqoEoBMcO djcosYTiSF
QRfrJ2LwRSy0eL15NDlo8yicsE1Iq2Wi2BpTOsMcxa12DzE._l RuZGXNLFuM
SrTJfHfwD8TGle0h0xFmBkzxykuwj9cKvNhQ6ifhaxA7RcWpJk Myu22mAnEW
KQkUI25QXHILIKMwnSooipE8xbUgzOJkUZsW7ZGagancmVDq3p JdzRPcNpfS
ojw2jUxIGylP4wCAU26wVuNEKgs6.A7IwP0YdBl2P.5DmkrjNZ znhCIKaNwo
fmgEX7yJI4sF9Pn2zYl1uBbn1seodF.NYXo35s.J8qn6kTvTMD QkSp4w96ts
AaFa7dV_U_5IVAu7yZkPw9LJ6
Received: from [200.195.34.129] by web124715.mail.ne1.yahoo.com via HTTP; Mon, 24 Oct 2011 09:16:47 PDT
X-Mailer: YahooMailWebService/0.8.114.317681
Message-ID: <1319473007.86908.YahooMailNeo@web124715.mail.ne1. yahoo.com>
Date: Mon, 24 Oct 2011 09:16:47 -0700 (PDT)
From: Carlos Morais <moraiscarlos69@yahoo.com.br>
Reply-To: Carlos Morais <moraiscarlos69@yahoo.com.br>
To: "cristianolamego@yahoo.com.br" <cristianolamego@yahoo.com.br>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="-424890047-744228317-1319473007=:86908"
Content-Length: 2560
OK

[Lord Dagonet]

Cristiano, os dados que são possíveis de extrair do cabeçalho seguem na URL abaixo:

Relatório Email Header Analyzer

Nele há diversos IPs, mas praticamente todos do serviço de e-mail do Yahoo (ele usou webmail).

O que pode ser feito é um laudo com este conteúdo da mensagem e com este cabeçalho anexado....esse laudo servirá de base para uma quebra de sigilo perante o Yahoo da correspondência eletrônica em questão. Assim o Yahoo deverá (com base em um pedido judicial) fornecer o IP que enviou essa mensagem, conforme os dados da mesma.

Só que se tudo correrem as mil maravilhas (nem sempre é o caso), de posse deste IP haveria um novo pedido de quebra de sigilo, só que agora perante a provedora de internet do fulano....aí sim você consegue chegar num endereço físico (rua X, Casa nº Y) daonde essa mensagem é proveniente (isso se ele não usou proxy...mas normalmente não há esse uso...).

Espero ter ajudado.

[], LD.